Issue 2: Improperly configured LDAP servers allow the directory BASE to be set to NULL. This
allows information to be culled without any prior knowledge of the directory structure. Coupled
with a NULL BIND, an anonymous user can query your LDAP server through a tool such as
LdapMiner.
An eDirectory LDAP server allows the directory BASE to be set to NULL, and there is no way to
disable it. However, with the NULL BIND disabled, as previously mentioned, the security threat
posed by this feature is minimized.
210 OES 2 SP2: Installation Guide